Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 24

Thread: Check out your firewall - you may be shocked

  1. #11

    Default Re: Check out your firewall - you may be shocked

    Quote Originally Posted by xRyokenx View Post
    Oh shi-... Avira is crap? That sucks. The free antivirus is pretty much the only thing I've been using.
    It's the firewall functions being tested here. Avira and Avast are the best two free AV's in terms of detection rates.

    CB

  2. #12
    read my comic already! (sig) xRyokenx's Avatar
    Join Date
    Dec 2006
    Location
    Bloomingburg, NY
    Posts
    4,416

    Default Re: Check out your firewall - you may be shocked

    Ahh, alright. Well I got Comodo Firewall and Antivirus a moment ago and installed it. Guess it doesn't hurt to have extra protection, lol.

  3. #13
    Like a Lightning Bolt in Your Cheerios! Drum Thumper's Avatar
    Join Date
    Jan 2007
    Location
    Montana
    Posts
    4,522

    Default Re: Check out your firewall - you may be shocked

    Quote Originally Posted by xRyokenx View Post
    Ahh, alright. Well I got Comodo Firewall and Antivirus a moment ago and installed it. Guess it doesn't hurt to have extra protection, lol.
    You run the risk of possible system slowdown running two AV suites. In fact, some AV suites will not play well with others, but I cannot remember which ones.
    Quote Originally Posted by artoodeeto View Post
    aw heck guys. We're modders. Let's just build our own, shall we?

    DrumThumper.net || The Brewing Art ||
    My Flickr Stream

  4. #14

    Default Re: Check out your firewall - you may be shocked

    Quote Originally Posted by xRyokenx View Post
    Ahh, alright. Well I got Comodo Firewall and Antivirus a moment ago and installed it. Guess it doesn't hurt to have extra protection, lol.
    That antivirus is a 30 day trial unless you paid $39 for it .... Comodo Firewall and Antivir or Avast plus 2 or 3 malware scanners and your fixed.

    CB

  5. #15
    Yuk it up Monkey Boy! Airbozo's Avatar
    Join Date
    Jun 2006
    Location
    In the Redwoods
    Posts
    5,270

    Default Re: Check out your firewall - you may be shocked

    Quote Originally Posted by Crazy Buddhist View Post
    Terry,

    Out of interest what do you use?

    I am setting up a bridged router to a dedicated box this weekend and was thinking of going with IPCOP but am wondering about smoothwall.

    Matthew
    I have a Juniper Networks Netscreen firewall vpn. Not sure of the exact model, it was a freebie I got a while back for attending a tech conference. Actually I won it in a raffle drawing. Gotta love those conferences. Not that I think of it I have not even looked at that thing since I installed it. Maybe it is time to investigate it's functions a little more. When I have time I will check it out.

    No power at my house right now so I can not even log into it. We had a wicked storm pass through here yesterday. 12" of rain in less than 24 hours and 70mph gusts took down a lot of trees and power poles. I have the top of a power pole sitting in the middle of my street right now so I can not even get home. Estimated time of power restoration? Sometime before Friday... Had to come into work today so I could get my TBCS fix...
    "...Dumb all over, A little ugly on the side... "...Frank Zappa...

  6. #16
    read my comic already! (sig) xRyokenx's Avatar
    Join Date
    Dec 2006
    Location
    Bloomingburg, NY
    Posts
    4,416

    Default Re: Check out your firewall - you may be shocked

    Well it didn't say anything about the antivirus being a trial, it was just this other tech support sort of thing or something that wasn't free after 30 days.

  7. #17
    Will YOU be ready when the zombies rise? x88x's Avatar
    Join Date
    Oct 2008
    Location
    MD, USA
    Posts
    6,334

    Default Re: Check out your firewall - you may be shocked

    When looking at the results, make sure you remember that this is only a test of their firewall capabilities, and most of the well-known products are AV that happen to have a firewall/etc thrown in; it's not their real intended purpose, and so personally I don't really find the results that surprising.

    BTW, xRyokenx, the free version of Avira doesn't include their firewall, so this has no bearing on that version whatsoever. (free Avira is my person preference for AV too, btw)

    Quote Originally Posted by xRyokenx View Post
    Ahh, alright. Well I got Comodo Firewall and Antivirus a moment ago and installed it. Guess it doesn't hurt to have extra protection, lol.
    Actually, yes, it can. This is especially true with AV software, since a lot of newer (last 5-7 years) products hook themselves deep into the OS so that they can actually detect and kill stuff. If you have two pieces of software trying to do that, they'll often kill the other, and you end up with no protection.


    As for hardware vs software hardware, it is correct that 'hardware' firewalls are just software running on dedicated hardware; most 'hardware firewalls' are just an embedded system running a stripped-down version of Linux or BSD, plus proprietary software. The reason that hardware devices provide better protection is that a) they protect the entire network, and b) they deal with the traffic at the protocol layer instead of the application layer (what software firewalls usually do). Additionally, software (or client) firewalls run on top of the OS, so they can be compromised relatively easily if the OS is compromised.

  8. #18
    read my comic already! (sig) xRyokenx's Avatar
    Join Date
    Dec 2006
    Location
    Bloomingburg, NY
    Posts
    4,416

    Default Re: Check out your firewall - you may be shocked

    I'll go ahead and get rid of Comodo's AV then.

  9. #19

    Default Re: Check out your firewall - you may be shocked

    Quote Originally Posted by x88x View Post
    When looking at the results, make sure you remember that this is only a test of their firewall capabilities, and most of the well-known products are AV that happen to have a firewall/etc thrown in; it's not their real intended purpose, ......
    I think the title of the thread makes the first bit plain "Check out your firewall".

    Norton Internet Security Suite and McAfee Security Suite are both well established all-round protection suites that have had firewalling for years - and been advertised as such. I don't count them as AV and not having firewalling as a primary purpose and neither do they.

    These two results in particular were very interesting and shockingly poor. Especially when compared with Kaspersky Internet Security Suite. The three are in similar market positions in terms of longevity and fame.

    Kaspersky would seem to be the only rounded product of the three. Not only that but it also has a lighter foorprint on the O/S than either of the other two.

    Norton has been a known machine killer for years in terms of performance hit and Mcafee sadly caught up on that score pretty much. That their firewalling is so leaky makes one wonder whether they have overcomplicated their builds or missed some basic tricks - or a bit of both since their confirmed status as bloatware implies the first.

    I was also surprised to see Zonealarm do so poorly although I don't recommend it any longer particularly, preferring Comodo for those who want a free firewall.

    The other product that shocked me was Threatfire - a lot of people tout this and the very low rate of success in these tests means I will be pointing this research out to the people I know who are relying on it.

    To imply that products advertising themselves with all round capabilities they do not have should be given a break, in essence, because firewalling "is not their real intended purpose" is a bit misleading really. If it says it's a fish and it looks like a fish and smells like a fish ..... but turns out to be crabsticks, there's no excuse.

    The third solution between an purchased hardware firewall and a software f/w on the local machine is to build a dedicated box yourself.

    If you do this using IPCOP or one of the similar Linux based distros and configure it correctly with the right plug ins you get as good as an off the shelf box:

    - stripped down and hardened Linux OS as the base O/S
    - firewalling built into the Kernel not sitting on top
    - a full range of higher end capabilities - VPN, QOS, anti-DOS, Packet filtering, web proxy, AV at the firewall (with Clam)
    - prototcol layer and application layer control
    - protects the whole network

    Given that IPCOP can run off a PIII with low ram and a 10G hard drive and the software is GPL you are looking at a homebrew hardware firewall with the capabilities of dedicated machines costing into the thousands of dollars but costing zero ... or at a fraction of the price (if you don't have some of that hardware laying around like most of us).

    The OP in this article linked above had this to say:

    I know that I need the following features to work:
    • Traffic Routing
    • DHCP
    • VPN
    Like any good internet junkie I turned to Google. I did a quick search for firewall routers and came up with an assorted list of possible replacements. From DLink to Linksys to Symantec – everyone seemed to be in the market. Only problem was each would take days to get and the cheapest would run the company just over $300. To put that into perspective the most expensive of ones with the features I needed was $6,800.

    So I modified my search to include open source projects. Right away I got a number of Linux alternatives. High on the list was one that was a little familiar – I remember reading an article about this great little firewall called IPCop.

    Now let me just get out of the way how easy this thing was to get up and running. The solution took under an hour to get entirely setup, as apposed to the over 8 hours I spent on the SonicWall – and over that on the old Symantec I had before that. Here’s how it went:
    • Download the ISO (CD Image) of IPCop 1.4.1
    • Burn it to a CD
    • Pull old PC out of trash (Celeron 400 w/128 MB Ram and 4 GB hard drive)
    • Take out an old PC add a 10/100 NIC card (so there would be two instead of one)
    • Put IPCop CD in old PC
    • Turn on computer
    • IPCop config loads
    • Configure IPCop
    • Firewall Working
    • Configure all access rules.
    • Finished

    OK – so I have a working firewall with all of the features I want. They have pretty good documentation, but the real gold is in the ease of which everything was configured. Had I purchase a firewall that had the same features – it would have run me about $3,800. So far I have spent $1.00 on the CDR. Lets talk about what the software does.
    • A secure, stable and highly configurable Linux based firewall
    • Easy administration through the built in web server
    • Lots of great reports, logs and graphs
    • A DHCP client that allows IPCop to, optionally, obtain its IP address from your ISP
    • A DHCP server that can help configure machines on your internal network
    • A caching DNS proxy, to help speed up Domain Name queries
    • A web caching proxy, to speed up web access
    • An intrusion detection system to detect external attacks on your network
    • The ability to partition your network into a GREEN, safe, network protected from the Internet, a BLUE network for your wireless LAN and a DMZ or ORANGE network containing publicly accessible servers, partially protected from the Internet
    • A VPN facility that allows you to connect your internal network to another network across the Internet, forming a single logical network or to securely connect PCs on your BLUE, wireless, network to the wired GREEN network
    • Traffic shaping capabilities to give highest priority to interactive services such as ssh and telnet, high priority to web browsing, and lower priority to bulk services such as FTP.
    • Improved VPN support with x509 certificates.
    • Built from the ground up with ProPolice to prevent stack smashing attacks in all applications.
    • A choice of four kernel configurations, allowing you to choose an optimum configuration for your circumstances.
    • An appendix of this manual discusses running IPCop from a flash disk.
    It is a Linux based operating system, but it is not meant to be a general-purpose system. The firewall design attempts to eliminate as many features from the system as possible. The central idea is that the more code that runs on the firewall, the more places there are that are vulnerable to attacks.
    and


    All I have to say is spread the word and try this out. Not only was it really really easy to set up, but these guys have the best firewall I have ever used. This would be an excellent firewall for any small to medium sized business. We highly recommend it.
    It would be interesting to see devices based on IPCOP and other such Linux based distro's tested against out of the box solutions if anyone can dig anything up. The real down dirty coders and network people commenting were seemingly of the view that to pay for a Network device is a sin when the GPL based ones are so damn good.

    CB

  10. #20
    Administrator OvRiDe's Avatar
    Join Date
    Dec 2005
    Location
    Tulsa, OK
    Posts
    4,584

    Default Re: Check out your firewall - you may be shocked

    Quote Originally Posted by Crazy Buddhist View Post
    I am setting up a bridged router to a dedicated box this weekend and was thinking of going with IPCOP but am wondering about smoothwall.
    There is no real difference in the 2 releases. They both use IPchains, so it just boils down to which web based interface you prefer. I have used both, and they both work fine. Personally I think that Smoothwall has a slightly nicer interface. You could also just load up any linux distro and accomplish the same thing from the command line if you are familiar with the packages and commands.

    Another one to look into is M0n0Wall which has a BSD backend. Some feel that with it being rooted in BSD its more secure then any linux firewall. I have used it as well, and it works fine.

    Quote Originally Posted by Zephik View Post
    What's the difference between hardware and software firewalls? Aren't hardware firewalls just hardware with software installed? Isn't that basically what software firewalls are?
    Basically you have the gist of it with the difference between a hardware and software firewall, and yes a hardware firewall is basically a dedicated device running software. With a software firewall loaded on a machine connected to the internet, the machine still receives the packets before the software is able to reject them. So technically they are still interacting with the OS, and thus pose a potential threat. With a hardware firewall the packets are rejected at the firewall. They never have a chance to make it into the network and on to your machine, so there is an extra level of protection. It also provides this extra protection for your whole network, and not just one machine at a time.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •